[LON-CAPA-admin] RedHat xinetd problems
Martin Siegert
siegert at sfu.ca
Tue Dec 17 15:36:26 EST 2002
Hi,
versions of xinetd < 2.3.7 have a denial of service vulnerability.
RedHat had released in October xinetd version 2.3.9. That version
turned out to be so buggy that they had to downgrade xinetd to
version 2.3.7.
The problem now is the following:
*** if you are using check-rpms to upgrade your RedHat Linux machines
*** and "rpm -q xinetd" shows that you have xinetd-2.3.9 installed
*** check-rpms will not show that you have to "upgrade" to the newer
*** package xinetd-2.3.7. You must install this downgraded version
*** without using "check-rpms --update", but use
*** rpm -Fvh xinetd-2.3.7-4.7x.i386.rpm (for RH7.x)
*** or rpm -Fvh xinetd-2.3.7-5.i386.rpm (for RH8.0)
Remark: you should use "rpm -Fvh ..." and not "rpm -Uvh --force ..."
even when you downgrade xinetd from 2.3.9 to 2.3.7.
(RedHat has bumped a rarely use "epoch" parameter in the 2.3.7 rpm
packages so that you do not have to force the installation of xinetd-2.3.7)
Regards,
Martin
========================================================================
Martin Siegert
Academic Computing Services phone: (604) 291-4691
Simon Fraser University fax: (604) 291-4242
Burnaby, British Columbia email: siegert at sfu.ca
Canada V5A 1S6
========================================================================
More information about the LON-CAPA-admin
mailing list